FireEye: Cyber Threats to the Nordic Region

The security company FireEye has released a report on Cyber Threats, stating the threat actors have targeted strategic industries and government and defense agencies Cyber threat actors are searching for valuable economic, political, and military intelligence. The goal is estimated being to capitalize on Nordic countries’ robust economies and gain an upper hand in the region’s distinct geopolitical concerns.

""State-sponsored threat actors

most likely seek to use any

information that they obtain to

benefit their government’s

decision makers and industries."

Threat actors often target their victims’ most sensitive information, including executive emails, financial data, and intellectual property. It is expected that they hand the data over to support the sponsor government’s economic, military, and political goals.

The majority of the crimeware variants FireEye has identified were so-called “infostealers” designed to collect credentials and other private user information. The sponsoring government most likely uses to monitor activities it perceives as controversial or sensitive.

Efforts to promote free speech and transparency makes Nordic nonprofits, minority groups, and media agencies a target of APT groups, whose sponsoring governments view those issues as a threat to their legitimacy and domestic stability.

The report states that according to another Ministry official, the activity in Finland was "similar to, and more sophisticated" than the Red October cyber espionage campaign, which reportedly has been targeting similar data from European governments since 2007.

Furthermore, geopolitical tensions, such as Arctic territorial disputes, NATO operations, and the ongoing crisis in Ukraine, will most likely influence targeting as rival parties seek to advance their goals with valuable intelligence.